mpd VPN Server / W2K Clients
Bill Asher
basher at protechnet.com
Wed Dec 3 08:22:47 PST 2003
Hello,
I am trying to configure mpd for road warrior w2k clients to connect to,
and I'm running into a few issues, hoping some of you could help out.
I'm not sure if there are other issues that need to be configured
differently besides mpd, like ppp or natd, etc. Or do you need to change
options in the W2K VPN client. Below are my specs, mpd config files, and
error message. Please let me know if you have any suggestions. THANKS!!!
-----------
Heres my specs on my testing box:
-----------
FreeBSD 4.9
WAN IP: 1.2.3.4
LAN IP: 10.30.30.1
MPD version: 3.15
Recompiled with these options IPFIREWALL, DUMMYNET, BRIDGE, IPSEC:
Pretty basic testing firewall system.
Running ipfw, natd
-----------
Mpd.conf:
-----------
default:
load pptp0
pptp0:
new -i ng0 pptp0 pptp0
set ipcp ranges 10.30.30.100/24 10.30.30.230/24
load pptp
pptp:
set iface disable on-demand
set iface enable proxy-arp
set iface idle 1800
set link yes acfcomp protocomp
set link no chap
set link enable pap
set link mtu 1460
set link mru 1460
set link keep-alive 10 60
set ipcp yes vjcomp
set ipcp dns 6.7.8.9
set bundle enable compression
set ccp yes mpp-compress
set ccp yes mppc
set ccp yes mpp-e40
set ccp yes mpp-e56
set ccp yes mpp-e128
set ccp yes mpp-stateless
-----------
Mpd.links:
-----------
pptp0:
set link type pptp
set pptp self 1.2.3.4
set pptp enable incoming
set pptp disable originate
-----------
Mpd.secret:
-----------
John password
-----------
When a W2K client(24.24.24.24) tries to connect, this is what is
displayed on the server:
-----------
Multi-link PPP for FreeBSD, by Archie L. Cobbs.
Based on iij-ppp, by Toshiharu OHNO.
mpd: pid 3472, version 3.15 (hostname at domain.com 12:19 1-Dec-2003)
[pptp0] ppp node is "mpd3472-pptp0"
mpd: local IP address for PPTP is 1.2.3.4
[pptp0] using interface ng0
[pptp0:pptp0] mpd: PPTP connection from 24.24.24.24:1275
pptp0: attached to connection with 24.24.24.24:1275
[pptp0] IFACE: Open event
[pptp0] IPCP: Open event
[pptp0] IPCP: state change Initial --> Starting
[pptp0] IPCP: LayerStart
[pptp0] IPCP: Open event
[pptp0] bundle: OPEN event in state CLOSED
[pptp0] opening link "pptp0"...
[pptp0] link: OPEN event
[pptp0] LCP: Open event
[pptp0] LCP: state change Initial --> Starting
[pptp0] LCP: LayerStart
[pptp0] device: OPEN event in state DOWN
[pptp0] attaching to peer's outgoing call
[pptp0] device is now in state OPENING
[pptp0] device: UP event in state OPENING
[pptp0] device is now in state UP
[pptp0] link: UP event
[pptp0] link: origination is remote
[pptp0] LCP: Up event
[pptp0] LCP: state change Starting --> Req-Sent
[pptp0] LCP: phase shift DEAD --> ESTABLISH
[pptp0] LCP: SendConfigReq #1
ACFCOMP
PROTOCOMP
MRU 1460
MAGICNUM 7ad4aee0
AUTHPROTO PAP
MP MRRU 1600
MP SHORTSEQ
ENDPOINTDISC [802.1] 00 04 75 c3 99 19
pptp0-0: ignoring SetLinkInfo
[pptp0] LCP: rec'd Configure Request #0 link 0 (Req-Sent)
MRU 1400
MAGICNUM 76ca7995
PROTOCOMP
ACFCOMP
CALLBACK
Not supported
[pptp0] LCP: SendConfigRej #0
CALLBACK
[pptp0] LCP: rec'd Configure Reject #1 link 0 (Req-Sent)
MP MRRU 1600
MP SHORTSEQ
ENDPOINTDISC [802.1] 00 04 75 c3 99 19
[pptp0] LCP: SendConfigReq #2
ACFCOMP
PROTOCOMP
MRU 1460
MAGICNUM 7ad4aee0
AUTHPROTO PAP
[pptp0] LCP: rec'd Configure Request #1 link 0 (Req-Sent)
MRU 1400
MAGICNUM 76ca7995
PROTOCOMP
ACFCOMP
[pptp0] LCP: SendConfigAck #1
MRU 1400
MAGICNUM 76ca7995
PROTOCOMP
ACFCOMP
[pptp0] LCP: state change Req-Sent --> Ack-Sent
[pptp0] LCP: rec'd Configure Nak #2 link 0 (Ack-Sent)
AUTHPROTO CHAP MSOFTv2
[pptp0] LCP: SendConfigReq #3
ACFCOMP
PROTOCOMP
MRU 1460
MAGICNUM 7ad4aee0
AUTHPROTO PAP
[pptp0] LCP: rec'd Configure Nak #3 link 0 (Ack-Sent)
AUTHPROTO CHAP MSOFT
[pptp0] LCP: SendConfigReq #4
ACFCOMP
PROTOCOMP
MRU 1460
MAGICNUM 7ad4aee0
AUTHPROTO PAP
[pptp0] LCP: rec'd Configure Nak #4 link 0 (Ack-Sent)
AUTHPROTO CHAP MSOFT
[pptp0] LCP: SendConfigReq #5
ACFCOMP
PROTOCOMP
MRU 1460
MAGICNUM 7ad4aee0
AUTHPROTO PAP
[pptp0] LCP: rec'd Configure Nak #5 link 0 (Ack-Sent)
AUTHPROTO CHAP MSOFT
[pptp0] LCP: SendConfigReq #6
ACFCOMP
PROTOCOMP
MRU 1460
MAGICNUM 7ad4aee0
AUTHPROTO PAP
[pptp0] LCP: rec'd Configure Nak #6 link 0 (Ack-Sent)
AUTHPROTO CHAP MSOFT
[pptp0] LCP: SendConfigReq #7
ACFCOMP
PROTOCOMP
MRU 1460
MAGICNUM 7ad4aee0
AUTHPROTO PAP
[pptp0] LCP: rec'd Configure Nak #7 link 0 (Ack-Sent)
AUTHPROTO CHAP MSOFT
[pptp0] LCP: SendConfigReq #8
ACFCOMP
PROTOCOMP
MRU 1460
MAGICNUM 7ad4aee0
AUTHPROTO PAP
[pptp0] LCP: SendConfigReq #9
ACFCOMP
PROTOCOMP
MRU 1460
MAGICNUM 7ad4aee0
AUTHPROTO PAP
[pptp0] LCP: rec'd Configure Nak #9 link 0 (Ack-Sent)
AUTHPROTO CHAP MSOFT
[pptp0] LCP: SendConfigReq #10
ACFCOMP
PROTOCOMP
MRU 1460
MAGICNUM 7ad4aee0
AUTHPROTO PAP
[pptp0] LCP: rec'd Configure Nak #10 link 0 (Ack-Sent)
AUTHPROTO CHAP MSOFT
[pptp0] LCP: not converging
[pptp0] LCP: parameter negotiation failed
[pptp0] LCP: state change Ack-Sent --> Stopped
[pptp0] LCP: LayerFinish
[pptp0] device: CLOSE event in state UP
pptp0-0: clearing call
pptp0-0: killing channel
[pptp0] PPTP call terminated
[pptp0] IFACE: Close event
[pptp0] IPCP: Close event
[pptp0] IPCP: state change Starting --> Initial
[pptp0] IPCP: LayerFinish
[pptp0] IFACE: Close event
pptp0: closing connection with 24.24.24.24:1275
[pptp0] IFACE: Close event
[pptp0] device is now in state CLOSING
[pptp0] bundle: CLOSE event in state OPENED
[pptp0] closing link "pptp0"...
[pptp0] device: DOWN event in state CLOSING
[pptp0] device is now in state DOWN
[pptp0] link: CLOSE event
[pptp0] LCP: Close event
[pptp0] LCP: state change Stopped --> Closed
[pptp0] device: DOWN event in state DOWN
[pptp0] device is now in state DOWN
[pptp0] link: DOWN event
[pptp0] LCP: Down event
[pptp0] LCP: state change Closed --> Initial
[pptp0] LCP: phase shift ESTABLISH --> DEAD
[pptp0] link: DOWN event
[pptp0] LCP: Down event
pptp0: killing connection with 24.24.24.24:1275
-----------
W2K VPN client reports:
-----------
Error 619: A connection to the remote computer could not be established,
so the port used for this connection was closed.
B.Asher - PND,LLC - www.protechnet.com
More information about the freebsd-questions
mailing list